AI Score
Confidence
High
EPSS
Percentile
42.0%
In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
blog.sonarsource.com/civicrm-code-execution-vulnerability-chain-explained/
civicrm.org/advisory/civi-sa-2020-03